3 Steps to Mitigate Security Threats

In our digital age, cybersecurity has become an important part of our online presence. As of late, it’s been highly visible in the news due to data breaches, emerging threats, and the advent of changing policies. The aftermath of these incidents has left many organizations and individuals wary of who they trust with their data.

But what can you do to mitigate security threats to your website?

Understanding what cybersecurity is and how it applies to your business can be a daunting task on its own, which is why it is important to work with a hosting partner.

I work with our top enterprise clients on a day-to-day basis and I help them understand how important it is to protect their site against threats, whether it be a simple WordPress Brute Force attack, or threats affecting core parts of critical business infrastructure. I always find myself giving our customers the same advice, so I wanted to share my top 3 recommendations you can follow to help safeguard your business.

Be on the lookout for security threats

Develop countermeasures

Train your employees to know what to look for

Let’s dive into how each helps protect your business from security threats.

1. Be On the Lookout for Security Threats

In order to understand what security risks could affect you, we need to know what threats lurk on the horizon. Attackers are constantly evolving their methods and strategies to cause as much potential harm as possible.

Our team at Liquid Web is constantly on the lookout for threats old and new. A common trend has been the use of enticing emails to trick users into visiting sites or downloading hidden content for the purposes of cryptocurrency mining (especially for bitcoins) or ransomware.

Pro Tip: Always be on the lookout for new types of threats and monitor your industry’s news. Talk to others in your organization and market and ask them what they’re seeing. Conversely, share information with your peers. Security is a team effort across employees, teams, organizations, and industries.

2. Develop Your Countermeasures

Once we identify something that has the potential to cause harm, we start reviewing what risk factors are involved to understand how and where the risk applies.

We can then proactively develop countermeasures based on risk assessment, whether that’s firewall rules, configuration adjustments, or ensuring patches are available (just to name a few). Afterward, we’ll continue to monitor how the countermeasures are performing against the threat, making any changes as needed to ensure continued effectiveness in the long term.

Once a potential threat has been identified, we work to determine what risk potential and countermeasures are appropriate.

Some threats may be fended off by simply changing (or disabling) a configuration setting on a server, ensuring affected core software has been patched, or creating a firewall rule, for example. There are also threats that require more robust action, such as blocking a port from being able to send or receive traffic through our network.

While these are just a handful of examples, we take every possible precaution available to ensure that a threat’s risk potential is pre-emptively mitigated, while also avoiding alterations that could adversely affect performance.

The steps of risk management are always shifting and a concerted effort is made to constantly research, adapt, and respond to threats in an effective, timely, and non-intrusive manner. This allows us to achieve a comfortable balance between usability and security.

Pro Tip: Have a risk assessment performed so you can prepare a plan. What risks (financial, technical, or personnel-related) does your organization face? How do those risks impact both the short- and long-term operations of your business?

Ask yourself how any risk assessment plan will be rolled out to your organization. What obstacles might hinder that goal? How long might it take to roll out this plan? Understanding the risks you face, action items to implement, and the requirements thereof are the building blocks of a strong security awareness program.

3. Train Your Employees to Know What to Look For

The next facet of maintaining a strong security posture goes beyond risk management and mitigation, and into the importance of user education.

Simply put, users can be the best information security resource available when properly educated on technical and policy materials. Your employees are the first line of defense when it comes to identifying anything that could do harm to any personal or business assets.

Phishing: The #1 Attempt on your Data and Systems

One of the most common things you can educate anyone about is how to identify phishing attempts.

“Phishing is the act of using an enticing email, message, call or other means of communication to attempt to trick users into providing sensitive information under the guise of being something that appears trustworthy at first glance.”

Phishing has been a tried and true method used by malicious players to gain the first foothold in an attack scenario.

In a study performed by Wombat Security, 76% of those responsible for information security said that their organization has experienced at least one type of phishing attack. The same study also found that 45% of respondents reported phishing campaigns during 2016, with 9% of users clicking on a phishing link sent to them.

That may not sound like a large number, but let’s take an organization with 1,000 people in it and apply that 9% figure to those users. That means 90 users would have clicked on a phishing link and could have provided credentials to the attacker, which certainly sounds like a staggering amount, especially considering that a successful phishing attack only ever needs to work once.

So What Can You Do?

Training users to recognize such attempts will pay off long before investment in a security technology ever will, because humans are adept at identifying patterns and adjusting behavior based on that information.

Some of the things you can inform users of are listed below. This is not an all-inclusive list, but it is one that Liquid Web has had success with in establishing even the most basic of security awareness practices.

Do not click on items you do not recognize.

If it looks like something sent from within your business, ask the person that sent it if possible. Would your manager contact you from an external contact asking for sensitive business information? Understanding who should be asking for what and where that communication should be taking place is paramount to establishing an understanding of the normal practice.

Does the subject line or other identifying information match what you expect when visiting the known good site? For example, does paypal.com actually look like PayPal’s official website?

Report anything you feel may look suspicious to your IT team. Good security and IT teams will periodically run phishing campaigns against their own employees to learn how effective the organization’s security awareness program is. This helps your organization learn from the results and make continuous improvements. If your team has questions, we can also help with answering them.

Pro Tip: If it looks sketchy, it probably is. Don’t be afraid to report anything. Asking if something is legitimate or malicious gets others to follow in practice rather than assuming you’re working with the genuine article.

Getting Started

It’s never too early to start putting new systems, policies, and processes in place to mitigate security threats that are here and those on the horizon.

First, be vigilant: make sure to stay on top of emerging threats and trends.

Second, ensure you have countermeasures in place to protect from threats that are on the prowl.

Finally, educate your users and give them steps to take that ensure that phishing threats are properly mitigated, and just as importantly, promptly reported.

Liquid Web Can Help Mitigate Security Threats

Liquid Web has your back. Let us be your partner and help you stay protected. Learn more about our Managed Hardware Firewall and how we can help you stay safe.

About the Author

Josh has worked at Liquid Web for over 4 years, starting out in the support team and moving up to his current position as a Cybersecurity Engineer. Josh is always on the hunt for the latest security-related issues and loves to share his knowledge with others.